Insight from the Information Security Experts

Main menu

Tag Archives: Intelligence

Just a quick note today to get you thinking about a very big issue that is just over the security horizon.

As machine learning capabilities grow rapidly and mass storage pricing drops to close to zero, we will see a collision that will easily benefit common criminals. That is, they will begin to apply machine learning correlation and prediction capabilities to breach data – particularly passwords, in my opinion.

Millions of passwords are often breached at a time these days. Compiling these stolen password is quite easy, and with each added set, the idea of tracking and tracing individual users and their password selection patterns becomes trivial. Learning systems could be used to turn that raw data into insights about particular user patterns. For example, if a user continually creates passwords based on a season and a number (ex: Summer16) and several breaches show that same pattern as being associated with that particular user (ex: Summer16 on one site, Autumn12 on another and so on…) then the criminals can use prediction algorithms to create a custom dictionary to target that user. The dictionary set will be concise and is likely to be highly effective.

Hopefully, we have been teaching users not to use the same password in multiple locations – but a quick review of breach data sets show that these patterns are common. I believe they may well become the next evolution of bad password choices.

Now might be the time to add this to your awareness programs. Talk to users about password randomization, password vaults and the impacts that machine learning and AI are likely to have on crime. If we can change user behavior today, we may be able to prevent the breaches of tomorrow!

We have decided to bring what has been a service offering to very select clients for the last several years to availability for all of our clients and the public.

For years, several of our clients have been enjoying custom security intelligence driven by the MSI TigerTrax™ analytics platform and our dedicated team of analysts and subject matter experts. The research and analysis work the team has been performing has been focused on agendas like:

competitive analysis

economic industry scale market analysis

consumer behavior, demographic or psychographic profiling

organizational human network data flows and relationship mapping

gathering data for marketing and sales opportunities on a global scale

dark net data raids

trend and disruptive technology assessments

scalability & DRM techniques

piracy and underground market analyses

and even assessments of threats against brands, nation-states and multi-national cooperatives

Our team has robust expertise to gather, profile, mine, visualize and analyze public or private data en masse for your organization.

Want customized threat data about your brands, on a global scale, updated monthly with new findings from the public, deep and dark web spaces? We can do that.

Want large amounts of competitive market data gathered, visualized and summarized? We can do that too.

Need daily briefings on a set of specific trends, geo-locations or products? Our experts are experienced at producing it.

Desire to have entire market segments deconstructed, profiled and researched to find vendors, trends and critical relationships up to 3 levels away from the core processes? We’ve done that now for multiple industries.

How about a customized monthly briefing of industry wide changes, summaries of events and monitoring of specific sets of questions your organization may have around critical topic areas? We have done this for clients across multiple industries.

Basically, if your organization would like to have customized research, analysis and intelligence – and we aren’t talking about lists of indicators of compromises and such – but REAL WORLD operational intelligence for optimizing your products, services or marketing, then we may be able to assist you. If you need a larger world view than the data you have now permits, we may be able to solve that for you. If you need to match your organization’s internal data-driven views with the views of the public or smaller groups of the public, we may be able to turn those efforts into insights.

If any of this sounds interesting and useful, join us for a cup of coffee or a conference call, and let’s talk about your needs and our capabilities. We have been performing these services for years for a select few clients, and are now ready to open these capabilities to a wider audience. To schedule a discussion, drop us a line at info@microsolved.com, hit our website at microsolved.com and click on the request a quote button or give us a call at (614) 351-1237 today. We look forward to talking with you.

In today’s issue of the latest cyber news we have quite a bit in the way of Cyber-Mania & Situation Awareness in the Binary Worlds…

Pay particular attention to the immediate section below and the latest items of interest from the People’s Republic of Cyber Espionage…er, sorry, China…
There are a couple of interesting items regarding cuber attacks and a cuber timeline from NATO…yeah OTAN…go figure!
And yes the F-B-I is looking for Hacker love…be sure to use a condom … or those executable files ail ruin your weekend…:-)

FBI director calls on private sector to help with cyber threatI’ll be sure to send him a .pdf with an executable file in it – oh wait the Minneapolis Cyber Field Office already received it….Nyarch!
http://arstechnica.com/tech-policy/2013/08/fbi-director-calls-on-private-sector-to-help-with-cyber-threat/CIA, FBI and NSA Leaders Ask for Help Fighting Cyberattacks
http://mashable.com/2013/08/08/cia-fbi-nsa-cyberattacks/?The Government Wants to Create Cybersecurity Insurance
http://gizmodo.com/the-government-wants-to-create-cybersecurity-insurance-1046375980IPv6 is latest tool for stealing credit card numbers and passwords
http://www.v3.co.uk/v3-uk/news/2286734/ipv6-is-latest-tool-for-stealing-credit-card-numbers-and-passwords

Good day my curious friends…much in the cyber news to amuse and entrain, but never alarm you…

Pay particular attention the articles below related to Huawei and their colonization of India via BSNL and Ethiopia via massive telco rollouts. People’s Republic of China & Operation Middle Kingdom…oh yes, Huawei and the colonization of Africa & India….always remember that a significant amount of cyber threat news and alerts will be released on Friday, saturdays and Sundays…when no one is paying attention…

Much news to post for a Sunday…remember the Red Dragon’s thought, controversial and unpopular stories are published on the weekends…today 9 JUNE 2013 is certainly a landmark day….enjoy the cyber threat intelligence news of the day from all corners of the cyber world…here is today’s edition of People’s Republic of China and Hacking the US Defense Industrial Base (DIB)….